The official story from LastPass and the claims of the reporters are in direct conflict. Either the master passwords were reused and this is credential stuffing, or there is actually a LastPass breach affecting all users.
One [incident] reporter claims they changed their master password and had a breach attempt using the new password. If that is true that is extremely alarming.
There could be some malware targeting a LastPass extension or app cache somewhere, but that is groundless theory on my part.
